A vulnerability was found in TOTOLINK N600R 4.3.0cu.7647_B20210106. It has been classified as critical. Affected is the function setWiFiWpsConfig. The manipulation of the argument pin leads to command injection.

This vulnerability is traded as CVE-2025-51390. It is possible to launch the attack remotely. There is no exploit available.